intel/cve-bin-tool v3.3 on GitHub

Release highlights

GSoC 2023 contributor @Rexbeast2 added support for EPSS scores to help users assess vulnerability risks (more info : https://cve-bin-tool.readthedocs.io/en/latest/MANUAL.html#metric)
GSoC 2023 contributor @b31ngd3v has set up a github action (available here: https://github.com/intel/cve-bin-tool-action) and did a lot of work related to using our new NVD mirror (available here: https://cveb.in/)
We now default to using our own NVD mirror unless an NVD_API_KEY is set.
- The data is updated multiple times per day and duplicated to mirrors in several countries across the globe. They should be significantly faster than getting data from NVD directly, especially if you need to populate a database from scratch.
- Mirroring infrastructure is provided by FCIX Software Mirrors, who currently provide a large portion of the global mirroring for linux distributions and other open source projects.
- If you have difficulties with the mirrors or wish us to activate a mirror closer to you (we're only using a fraction of the servers available), please file an issue https://github.com/intel/cve-bin-tool/issues
- These mirrors can be used in other tools or as part of research. We'd love to know if and how you use them!
Breaking Change: Windows users will now need to use python 3.12 if they want to scan tarfiles.
- Testing has been disabled on windows for python < 3.12. It's likely that older versions of python will continue to work on Windows as long as you don't need tarfile support, but our binary checker tests use tarfiles so we can no longer run the full test suite.
We now provide our own version compare function, which will not be limited to PEP 440 compliant semantic versions.
Thanks especially to @ffontaine we are up to 359 binary checkers!
Our fuzz testing has been improved to cover more of our language file parsers. Thanks especially to @joydeep049, @mastersans , @raffifu and @inosmeet for their work in setting these up and fixing errors found via fuzzing.

We've also got a large number of new contributors, many of whom participated in Hacktoberfest 2023 or the first part of GSoC 2024, as well as users and security experts who were generous enough to share their time and expertise with us outside of these open source beginner-focused programs. Thank you!

Change Log

List of pull requests merged (quite long)

fix: java parser failing to match vendor on product without '-' by @bcieszko in #2961
feat(checker): New checker request - GNU emacs by @bcieszko in #2941
chore: update SBOM for Python 3.7 by @github-actions in #3025
chore: update SBOM for Python 3.10 by @github-actions in #3024
chore: update SBOM for Python 3.9 by @github-actions in #3023
chore: update SBOM for Python 3.8 by @github-actions in #3022
chore: update SBOM for Python 3.11 by @github-actions in #3021
[StepSecurity] Apply security best practices by @step-security-bot in #3031
fix: Enhance SBOM docs (fixes #2922) by @offsake in #3029
ci: adjust dependabot config to limit false positives by @terriko in #3033
chore: update checkers table by @github-actions in #3026
chore: bump to dev version 3.2.2dev0 by @terriko in #3019
chore(deps): bump actions/dependency-review-action from 2.5.1 to 3.0.4 by @dependabot in #3034
chore: update SBOM for Python 3.7 by @github-actions in #3040
chore: update SBOM for Python 3.8 by @github-actions in #3039
chore: update SBOM for Python 3.9 by @github-actions in #3038
chore: update SBOM for Python 3.11 by @github-actions in #3037
chore: update SBOM for Python 3.10 by @github-actions in #3036
feat(checker): add mini_httpd checker by @ffontaine in #3020
feat(checker): add libmicrohttpd checker by @ffontaine in #3014
ci: fix dependabot config by @terriko in #3041
chore: update pre-commit config by @github-actions in #2968
feat(checker): add cpio checker by @ffontaine in #3013
ci: Harden GitHub Actions [StepSecurity] by @step-security-bot in #3043
feat(checker): add sngrep checker by @ffontaine in #3035
feat(checker): add fluidsynth checker by @ffontaine in #3012
feat(checker): add pixman checker by @ffontaine in #3010
feat(checker): add ldns checker by @ffontaine in #3004
feat(checker): add gzip checker by @ffontaine in #2998
chore: update checkers table by @github-actions in #3044
ci: Dependabot "duplicated" lines and ignore "*" by @terriko in #3045
chore(deps): bump github/codeql-action from 2.1.27 to 2.3.5 by @dependabot in #3049
chore(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #3051
chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 by @dependabot in #3050
chore: update pre-commit config by @github-actions in #3048
ci: pin dependency-review linux, fix dependabot by @terriko in #3055
feat(checker): add gdk-pixbuf checker by @ffontaine in #3011
feat(checker): add libtasn1 checker by @ffontaine in #3000
feat(checker): add dmidecode checker by @ffontaine in #2997
feat(checker): add libgd checker by @ffontaine in #2978
feat: merged report content change and comments added in html reports by @gvozzolo in #2913
feat: add support for pgp signing (#2577) by @b31ngd3v in #2882
chore: update checkers table by @github-actions in #3061
chore: update SBOM for Python 3.8 by @github-actions in #3070
chore: update SBOM for Python 3.7 by @github-actions in #3069
chore: update SBOM for Python 3.10 by @github-actions in #3068
chore: update SBOM for Python 3.9 by @github-actions in #3067
chore: update SBOM for Python 3.11 by @github-actions in #3066
ci: up timeouts on short and long tests by @terriko in #3072
feat(checker): add udisks checker by @ffontaine in #2999
feat(scanner): slight update in version display by @ffontaine in #3063
feat(checker): add readline checker by @ffontaine in #2976
feat(checker): add ntfs-3g checker by @ffontaine in #2973
feat(checker): add ngircd checker by @ffontaine in #3003
feat(checker): add libmodbus checker by @ffontaine in #3002
feat(checker): add coreutils checker by @ffontaine in #3001
fix: improve openssl checker by @ffontaine in #2987
chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #3052
chore: update SBOM for Python 3.8 by @github-actions in #3082
fix: root file path of vulnerable component is missing by @b31ngd3v in #3088
chore: update SBOM for Python 3.9 by @github-actions in #3081
chore: update SBOM for Python 3.10 by @github-actions in #3080
chore: update SBOM for Python 3.11 by @github-actions in #3079
chore: update SBOM for Python 3.7 by @github-actions in #3078
chore: update checkers table by @github-actions in #3073
chore(deps): bump step-security/harden-runner from 2.4.0 to 2.4.1 by @dependabot in #3090
chore(deps-dev): bump pre-commit from 3.3.2 to 3.3.3 by @dependabot in #3087
chore(deps): bump github/codeql-action from 2.3.5 to 2.20.0 by @dependabot in #3086
chore(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 by @dependabot in #3085
chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #3084
fix: improve luajit checker by @ffontaine in #2993
fix: improve gimp checker by @ffontaine in #2992
ci: Automatically committing/suggesting linter fixes for PRs by @metabiswadeep in #3017
chore(deps): bump sphinx from 4.4.0 to 7.0.1 in /doc by @dependabot in #3056
fix: improve nghttp2 checker by @ffontaine in #2991
docs: adding database schema by @Rexbeast2 in #3097
chore(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3098
fix: fix xerces CPE ID by @ffontaine in #2932
docs: including doc in build by @Rexbeast2 in #3102
chore: update SBOM for Python 3.8 by @github-actions in #3111
chore: update SBOM for Python 3.11 by @github-actions in #3110
chore: update SBOM for Python 3.7 by @github-actions in #3109
chore: update SBOM for Python 3.10 by @github-actions in #3108
chore: update SBOM for Python 3.9 by @github-actions in #3107
fix: report is not generated when no CVEs detected (#3028) by @b31ngd3v in #3075
ci: dedeuplicate usage of codeql by @metabiswadeep in #3100
feat: adding epss data by @Rexbeast2 in #3104
feat: updating schema by @Rexbeast2 in #3106
chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3112
chore: removing support for Python3.7 by @Rexbeast2 in #2655
fix: fetch cves from mirror not working by @b31ngd3v in #3122
chore: update SBOM for Python 3.8 by @github-actions in #3126
chore: update SBOM for Python 3.9 by @github-actions in #3125
chore: update SBOM for Python 3.11 by @github-actions in #3124
chore: update SBOM for Python 3.10 by @github-actions in #3123
fix: improve dnsmasq checker by @ffontaine in #3121
chore: update pre-commit config by @github-actions in #3120
refactor: improve explanation of cve year parsing by @b31ngd3v in #3132
ci: set explicit permissions for coverity.yml by @terriko in #3060
docs: update openssf scorecard link in README.md by @yr1404 in #3129
chore(deps): bump github/codeql-action from 2.20.1 to 2.20.2 by @dependabot in #3127
chore: update SBOM for Python 3.9 by @github-actions in #3141
chore: update SBOM for Python 3.10 by @github-actions in #3140
chore: update SBOM for Python 3.8 by @github-actions in #3139
chore: update SBOM for Python 3.11 by @github-actions in #3138
feat: adding EPSS data by @Rexbeast2 in #3130
fix: Update SPDX Version handling by @anthonyharrison in #3137
fix: refactor insert queries by @Rexbeast2 in #3145
chore(deps): bump github/codeql-action from 2.20.2 to 2.20.3 by @dependabot in #3135
fix: Database records being lost (fixes #3150) by @anthonyharrison in #3151
chore(deps-dev): bump black from 23.3.0 to 23.7.0 by @dependabot in #3149
chore: exclude autobuild step by @chillerno1 in #3134
test: fix tests broken by improved data by @terriko in #3160
ci: extend cache timeout, disable failing test by @terriko in #3168
chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 by @dependabot in #3158
chore(deps): bump github/codeql-action from 2.20.3 to 2.21.0 by @dependabot in #3171
chore: Add new checker request issue template by @terriko in #3155
ci: add cve-bin-tool-action by @b31ngd3v in #3156
chore: SBOM updates july24 by @terriko in #3174
chore(deps): bump sphinx from 7.0.1 to 7.1.0 by @dependabot in #3176
chore(deps): bump step-security/harden-runner from 2.4.1 to 2.5.0 by @dependabot in #3175
feat: Populate cvss by @Rexbeast2 in #3147
chore(deps): bump sphinx from 7.1.0 to 7.1.1 in /doc by @dependabot in #3184
fix: import json flag by @b31ngd3v in #3192
chore(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in #3190
chore(deps-dev): bump flake8 from 6.0.0 to 6.1.0 by @dependabot in #3191
chore(deps): bump sphinx from 7.1.1 to 7.1.2 by @dependabot in #3195
feat: Add User-Agent for mirroring by @terriko in #3183
chore: update SBOM for Python 3.8 by @github-actions in #3189
chore: update SBOM for Python 3.9 by @github-actions in #3188
chore: update SBOM for Python 3.10 by @github-actions in #3187
chore: update SBOM for Python 3.11 by @github-actions in #3186
chore: update SBOM for Python 3.9 by @github-actions in #3206
chore: update SBOM for Python 3.10 by @github-actions in #3205
chore: update SBOM for Python 3.11 by @github-actions in #3204
chore: update SBOM for Python 3.8 by @github-actions in #3203
feat: Update queries by @Rexbeast2 in #3172
fix: update libksba CPE ID by @ffontaine in #3217
fix: update nodejs semver in test files to avoid warning by @terriko in #3207
feat: adding EPSS to console table by @Rexbeast2 in #3224
feat: Include EPSS in JSON and CSV output by @Rexbeast2 in #3211
chore(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in #3218
chore(deps): bump step-security/harden-runner from 2.5.0 to 2.5.1 by @dependabot in #3226
chore(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.7 by @dependabot in #3227
feat(checker): add dav1d checker by @ffontaine in #3228
feat(checker): add libcoap checker by @ffontaine in #3229
feat(checker): add bwm-ng checker by @ffontaine in #3230
docs: change master to main in sample github action by @VishnuSanal in #3246
fix: enable gimp tests by @ffontaine in #3239
chore: Add additional issue templates by @terriko in #3236
fix: split curl and libcurl checkers by @ffontaine in #3238
chore: remove dependency on py by @terriko in #3235
feat: Adding epss into HTML output by @Rexbeast2 in #3234
docs: adding epss by @Rexbeast2 in #3233
feat: including metric table in Console by @Rexbeast2 in #3215
feat: include EPSS metrics in output PDF by @Rexbeast2 in #3213
fix: handling of product versions and vendor name guessing by @rhythmrx9 in #3225
fix: enable ceph tests by @ffontaine in #3251
chore: update SBOM for Python 3.8 by @github-actions in #3249
chore: update SBOM for Python 3.10 by @github-actions in #3248
chore: update SBOM for Python 3.11 by @github-actions in #3247
fix: ignore non-vulnerable CPEs from NVD CVEs by @gluesmith2021 in #3245
fix: fix typo in curl_source.py by @ffontaine in #3258
chore: update SBOM for Python 3.9 by @github-actions in #3250
fix: osv version parsing by @b31ngd3v in #3261
chore(deps): bump sphinx from 7.1.2 to 7.2.0 in /doc by @dependabot in #3263
chore(deps): bump actions/dependency-review-action from 3.0.7 to 3.0.8 by @dependabot in #3257
chore(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in #3253
feat: enhance products with no identified vulnerabilities by @ffontaine in #3254
fix: blank path gets added when using triage_input_file option by @b31ngd3v in #3264
chore(deps): bump sphinx from 7.2.0 to 7.2.2 by @dependabot in #3266
fix: rename expat checker by @ffontaine in #3256
feat: epss percentile filter by @Rexbeast2 in #3244
docs: basic architecture by @Rexbeast2 in #3240
feat: use cveb.in mirror by default by @b31ngd3v in #3265
chore: update checkers table by @github-actions in #3237
chore: update SBOM for Python 3.8 by @github-actions in #3271
chore: update SBOM for Python 3.10 by @github-actions in #3270
chore: update SBOM for Python 3.11 by @github-actions in #3269
chore: update SBOM for Python 3.9 by @github-actions in #3268
fix: probability word spellling by @0o001 in #3274
ci: use cveb.in mirror in cve-bin-tool-action by @b31ngd3v in #3282
fix: spelling issue by @ffontaine in #3281
docs: cve-bin-tool-action links & instructions by @b31ngd3v in #3276
chore(deps): bump sphinx from 7.2.2 to 7.2.3 in /doc by @dependabot in #3280
feat: add CPE summary (without latest stable release) by @ffontaine in #3277
feat: adding EPSS probability filter by @Rexbeast2 in #3273
chore: update pre-commit and fix linter errors by @metabiswadeep in #3308
fix: fix products with no identified vulnerabilities by @ffontaine in #3300
feat: sort CPE summary by @ffontaine in #3316
chore: update pre-commit config by @github-actions in #3302
feat(checker): add GNU grep by @ffontaine in #3294
feat(checker): add terminology checker by @ffontaine in #3295
fix: add additional openssh CPE ID by @ffontaine in #3291
fix: add additional iperf3 CPE ID by @ffontaine in #3290
feat(checker): add ed checker by @ffontaine in #3296
chore: update SBOM for Python 3.10 by @github-actions in #3311
docs: updated version of cycloneDX #3272 by @kumaryogesh17 in #3285
feat(checker): add gdal checker by @ffontaine in #3297
chore: update SBOM for Python 3.9 by @github-actions in #3312
chore: update SBOM for Python 3.8 by @github-actions in #3310
chore: update SBOM for Python 3.11 by @github-actions in #3309
chore(deps-dev): bump pre-commit from 3.3.3 to 3.4.0 by @dependabot in #3314
ci: switch to a faster Black mirror by @Molkree in #3342
chore(deps): bump github/codeql-action from 2.21.4 to 2.21.7 by @dependabot in #3341
chore: update SBOM for Python 3.10 by @github-actions in #3346
chore: update SBOM for Python 3.9 by @github-actions in #3345
chore: update SBOM for Python 3.8 by @github-actions in #3344
chore: update SBOM for Python 3.11 by @github-actions in #3343
chore(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3319
chore(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #3320
chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3318
chore: update checkers table by @github-actions in #3324
fixed : #3347 by @r0ckYr in #3350
chore(deps): bump actions/checkout from 3.5.3 to 4.0.0 by @dependabot in #3315
feat(checker): add hwloc checker by @ffontaine in #3340
chore(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in #3352
chore: update checkers table by @github-actions in #3351
ci: Remove dependabot ignores by @terriko in #3348
feat(checker): add civetweb checker by @ffontaine in #3298
feat(checker): add qpdf checker by @ffontaine in #3299
feat(checker): add mpg123 checker by @ffontaine in #3301
feat(checker): add minetest checker by @ffontaine in #3303
feat(checker): add rpm checker by @ffontaine in #3304
feat(checker): add mupdf checker by @ffontaine in #3305
feat(checker): add axel checker by @ffontaine in #3306
feat(checker): add monit checker by @ffontaine in #3307
fix: mypy-errors in helper_script.py (#2763) by @Tengas in #2873
docs: specify docs build.os by @terriko in #3349
chore: update checkers table by @github-actions in #3354
chore(deps): bump sphinx from 7.2.3 to 7.2.6 in /doc by @dependabot in #3338
chore: update SBOM for Python 3.9 by @github-actions in #3358
chore: update SBOM for Python 3.10 by @github-actions in #3357
chore: update SBOM for Python 3.8 by @github-actions in #3356
chore: update SBOM for Python 3.11 by @github-actions in #3355
chore(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in #3363
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #3359
feat(checker): extended BindChecker by @sw-sdiepold in #3353
test: improve flaky java language scanner test by @terriko in #3362
chore: update SBOM for Python 3.9 by @github-actions in #3371
chore: update SBOM for Python 3.11 by @github-actions in #3370
chore: update SBOM for Python 3.10 by @github-actions in #3369
chore: update SBOM for Python 3.8 by @github-actions in #3368
chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 by @dependabot in #3375
chore(deps): bump step-security/harden-runner from 2.5.1 to 2.6.0 by @dependabot in #3376
docs: Add missing docstrings fetch_json_db.py by @Niloth-p in #3381
Fix : add missing docstrings to package_list_parser.py #3377 by @Swarno-Coder in #3382
ci: add conditional execution for SBOM workflow on the main repository. by @rudrakshkarpe in #3389
feat: Add purl support for SBOMs by @anthonyharrison in #3373
chore: update SBOM for Python 3.9 by @github-actions in #3402
chore: update SBOM for Python 3.10 by @github-actions in #3401
chore: update SBOM for Python 3.8 by @github-actions in #3400
chore: update SBOM for Python 3.11 by @github-actions in #3399
feat(checker): add dosfstools by @sw-sdiepold in #3391
feat(checker): add debianutils by @sw-sdiepold in #3390
docs: add missing docstrings to cvedb.py by @reginareynolds in #3392
feat(checker): gawk checker by @sw-sdiepold in #3395
feat(checker): enhance e2fsprogs by @sw-sdiepold in #3396
feat(checker): add twonky_server by @ffontaine in #3408
chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3403
chore(deps): bump github/codeql-action from 2.21.9 to 2.22.1 by @dependabot in #3406
chore(deps): bump stefanzweifel/git-auto-commit-action from 4.16.0 to 5.0.0 by @dependabot in #3404
docs: add missing docstrings to cli.py by @bkpecho in #3387
docs: add missing docstrings to log.py #3383 by @NabhiA in #3388
fix: improve hostapd checker by @ffontaine in #3413
fix: improve tcpdump checker by @ffontaine in #3414
chore: update checkers table by @github-actions in #3411
feat: fuzz testing PythonRequirementsParser by @raffifu in #3397
fix: improve samba checker by @ffontaine in #3426
chore: update SBOM for Python 3.10 by @github-actions in #3424
chore: update SBOM for Python 3.8 by @github-actions in #3423
chore: update SBOM for Python 3.11 by @github-actions in #3421
chore: update SBOM for Python 3.9 by @github-actions in #3422
chore(deps): bump github/codeql-action from 2.22.1 to 2.22.3 by @dependabot in #3427
feat: add latest upstream stable version in CPE summary by @ffontaine in #3267
ci: Add condition to skip job when PR author is Bot by @raffifu in #3433
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3432
updating docstring with formatted with black. requesting new PR for version_scanner.py by @rabroldan in #3429
docs: streamline readme file and reorg docs by @terriko in #3438
ci: Remove unused update_database workflow by @raffifu in #3439
feat: fuzz testing for JavaScript language parser by @raffifu in #3440
fix: pre-commit-config file by @mastersans in #3441
fix: do not hardcode console width by @ffontaine in #3451
chore(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3450
docs: add missing docstrings to async_utils.py by @pranshu-raj-211 in #3442
feat: fuzz testing for GoModParser by @mastersans in #3434
test: add non-debian based test for dosfstools in #3444
chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3458
chore: update SBOM for Python 3.8 by @github-actions in #3449
fix: Consistency of EPSS reporting (fixes #3461) by @anthonyharrison in #3462
chore: update SBOM for Python 3.9 by @github-actions in #3448
chore: update SBOM for Python 3.10 by @github-actions in #3447
ci: github actions for fuzz testing by @mastersans in #3467
docs: added missing GAD_Source docstrings by @pbelokon in #3469
test: re-enable test_SBOM in test_cli.py by @Anurag-Nagpal in #3474
ci: skip running tests on bot-generated sboms by @terriko in #3468
feat(checker): add zchunk by @ffontaine in #3481
chore: update SBOM for Python 3.9 by @github-actions in #3484
chore: update SBOM for Python 3.10 by @github-actions in #3483
chore: update SBOM for Python 3.11 by @github-actions in #3446
chore: update SBOM for Python 3.8 by @github-actions in #3485
feat: fuzz testing RustParser by @mastersans in #3479
test: add non-debian based tests for gawk by @donheshanthaka in #3482
Update cve_scan.yml by @CrypticRevenger in #3492
Testing CVE-Bin-Tool with Python 3.12 on Github by @Ferdinand-Ogama in #3445
fix: Added None checks for parsed purls (fixes #3478) by @weichslgartner in #3490
Ci: Change workflows to use python 3.11 by @Virtual4087 in #3496
chore: add interrogate to linters called by pre-commit by @ha36d in #3491
chore(deps): bump actions/setup-python from 2 to 4 by @dependabot in #3472
chore(deps-dev): bump mypy from v1.5.1 to 1.6.1 by @dependabot in #3435
chore(deps-dev): bump pre-commit from 3.4.0 to 3.5.0 by @dependabot in #3425
chore(deps): bump actions/checkout from 2 to 4 by @dependabot in #3471
chore: update pre-commit config by @github-actions in #3365
chore(deps): bump github/codeql-action from 2.22.4 to 2.22.5 by @dependabot in #3486
docs: add missing docstrings to data_sources/gad_source.py #3466 by @shivam200446 in #3488
docs: add missing docstrings to output_engine/init.py by @AryanBakliwal in #3480
chore(deps): bump check-spelling/check-spelling from 0.0.21 to 0.0.22 by @dependabot in #3364
fix: KeyError in format_data function by @joydeep049 in #3452
docs: add missing docstrings to data_sources/curl_source.py #3464 by @shivam200446 in #3489
test: enable package list by @joydeep049 in #3506
chore(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.1 by @dependabot in #3507
feat(checker): add traceroute checker by @ffontaine in #3501
chore: update SBOM for Python 3.11 by @github-actions in #3505
chore: update SBOM for Python 3.10 by @github-actions in #3504
chore: update SBOM for Python 3.8 by @github-actions in #3503
chore: update SBOM for Python 3.9 by @github-actions in #3502
chore: update checkers table by @github-actions in #3509
chore(deps): bump actions/dependency-review-action from 3.1.1 to 3.1.2 by @dependabot in #3511
feat(console): sort CPE summary by product by @ffontaine in #3521
chore: update SBOM for Python 3.9 by @github-actions in #3518
chore: update SBOM for Python 3.8 by @github-actions in #3517
chore: update SBOM for Python 3.10 by @github-actions in #3516
chore: update SBOM for Python 3.11 by @github-actions in #3515
chore(deps): bump actions/dependency-review-action from 3.1.2 to 3.1.3 by @dependabot in #3522
feat: fuzz testing JavaParser by @joydeep049 in #3514
chore(deps): bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot in #3523
fix: create new version comparison function by @terriko in #3470
fix: improve gdb checker by @ffontaine in #3520
chore(deps): bump conda-incubator/setup-miniconda from 2.2.0 to 2.3.0 by @dependabot in #3534
chore(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 by @dependabot in #3526
chore: update SBOM for Python 3.8 by @github-actions in #3531
chore: update SBOM for Python 3.9 by @github-actions in #3530
chore: update SBOM for Python 3.11 by @github-actions in #3529
chore: update SBOM for Python 3.10 by @github-actions in #3528
fix: Use of NVD api 2.0 (fixes #3541) by @anthonyharrison in #3544
chore: update to pre-release version number by @terriko in #3551
chore(deps): bump actions/dependency-review-action from 3.1.3 to 3.1.4 by @dependabot in #3546
chore(deps): bump conda-incubator/setup-miniconda from 2.3.0 to 3.0.1 by @dependabot in #3549
typo in issue template by @perrinjerome in #3557
test_version_compare: use different pytest.raises for each instruction by @perrinjerome in #3555
version_compare: support + in versions by @perrinjerome in #3554
chore: update SBOM for Python 3.8 by @github-actions in #3563
chore: update SBOM for Python 3.9 by @github-actions in #3562
chore: update SBOM for Python 3.11 by @github-actions in #3561
chore: update SBOM for Python 3.10 by @github-actions in #3560
feat(checker): add exfatprogs checker by @ffontaine in #3542
chore: update checkers table by @github-actions in #3564
chore(deps): bump actions/setup-python from 4 to 5 by @dependabot in #3567
fix: improve version_compare to drop hashes by @terriko in #3566
chore: update SBOM for Python 3.10 by @github-actions in #3574
chore: update SBOM for Python 3.9 by @github-actions in #3573
chore: update SBOM for Python 3.8 by @github-actions in #3572
chore: update SBOM for Python 3.11 by @github-actions in #3571
chore(deps): bump github/codeql-action from 2.22.6 to 2.22.9 by @dependabot in #3568
fix: improve openssl checker by @ffontaine in #3569
feat(checker): add tesseract checker by @ffontaine in #3570
fix: update mosquitto pattern by @ffontaine in #3580
chore(deps-dev): bump pre-commit from 3.5.0 to 3.6.0 by @dependabot in #3577
chore: update checkers table by @github-actions in #3584
fix: improve version_compare logic by @terriko in #3548
fix: non-alphanumeric characters as separators by @terriko in #3565
feat(checker): add libevent checker by @ffontaine in #3587
fix: remove resizeGraph function by @terriko in #3585
feat(checker): add zstandard checker by @ffontaine in #3590
feat(checker): add xwayland checker by @ffontaine in #3591
feat(checker): add vlc checker by @ffontaine in #3593
chore: update checkers table by @github-actions in #3589
fix: remove cases of resizeGraph from examples by @terriko in #3592
chore: update SBOM for Python 3.9 by @github-actions in #3623
chore: update SBOM for Python 3.8 by @github-actions in #3622
chore: update SBOM for Python 3.10 by @github-actions in #3621
chore: update SBOM for Python 3.11 by @github-actions in #3620
feat(checker): add protobuf-c checker by @ffontaine in #3596
feat: disable metrics by default by @ffontaine in #3618
feat(checker): add socat checker by @ffontaine in #3597
fix: improve lua checker by @ffontaine in #3598
feat(checker): add tar checker by @ffontaine in #3600
feat(checker): add libvpx checker by @ffontaine in #3602
fix: drop wrong gnutls VENDOR_PRODUCT by @ffontaine in #3604
fix: update squashfs VENDOR_PRODUCT by @ffontaine in #3605
fix: update tor VENDOR_PRODUCT by @ffontaine in #3606
fix: update gawk pattern by @ffontaine in #3607
feat(checker): add lrzip checker by @ffontaine in #3608
fix: update glibc pattern by @ffontaine in #3611
fix: update zsh pattern by @ffontaine in #3613
fix: improve gdb pattern by @ffontaine in #3614
chore: bump version for 3.3 release by @terriko in #3630
fix: update coreutils pattern by @ffontaine in #3616
fix: update binutils pattern by @ffontaine in #3615
fix: update bison pattern by @ffontaine in #3617
feat(checker): add mbedtls checker by @ffontaine in #3619
feat(checker): add php checker by @ffontaine in #3627
fix: drop gpgme CPE ID without CVEs by @ffontaine in #3632
fix: drop rsync CPE ID without CVEs by @ffontaine in #3634
fix: drop netatalk CPE ID without CVEs by @ffontaine in #3635
feat(checker): add jq checker by @ffontaine in #3636
feat(checker): add libheif checker by @ffontaine in #3641
chore: update checkers table by @github-actions in #3624
docs: Updated examples in sbom_generation.md by @Mayankrai449 in #3640
feat(checker): add heimdal checker by @ffontaine in #3643
feat(checker): add libde265 checker by @ffontaine in #3645
ci: fix sbom test skipping logic by @terriko in #3631
chore: update checkers table by @github-actions in #3647
docs: add cmd for installing the cve-tool in virtualenv by @ayushthe1 in #3649
fix: update detailed description by @ffontaine in #3650
feat: Enable metrics if epss-{percentile,probability} is set by @ffontaine in #3642
chore: update SBOM for Python 3.8 by @github-actions in #3669
chore: update SBOM for Python 3.11 by @github-actions in #3668
chore: update SBOM for Python 3.9 by @github-actions in #3667
chore: update SBOM for Python 3.10 by @github-actions in #3666
test: temporarily disable failing tests by @terriko in #3655
fix: temporary disabling due to #3674 by @terriko in #3676
test: added test for OutputEngine with metrics=False by @mastersans in #3672
fix: Deprecate NVD API 1.0 by @akshatgokul in #3671
docs: add PHP launguage specification to docs by @Mahhheshh in #3665
feat: Fuzz Testing RParser by @joydeep049 in #3664
docs: Clarifying use of --metrics and epss options by @Mayankrai449 in #3663
chore: update spdx header by @github-actions in #3679
chore: update js dependencies by @github-actions in #3680
docs: Add appropriate docstring to output_engine/print_mode.py (#3457) by @aptitudepi in #3677
chore: update pre-commit config by @github-actions in #3678
docs(README.md): updated options list in README.md by @DEVESH-N2 in #3662
ci: add interrogate to github actions & exclude some directories by @ayushthe1 in #3612
feat(checker): add iwd checker by @ffontaine in #3660
chore: add template for docstrings issues by @terriko in #3685
chore: update SBOM for Python 3.9 by @github-actions in #3691
chore: update SBOM for Python 3.8 by @github-actions in #3690
chore: update SBOM for Python 3.10 by @github-actions in #3689
chore: update SBOM for Python 3.11 by @github-actions in #3688
chore: update checkers table by @github-actions in #3686
fix: add additional CPE IDs to faad2 by @ffontaine in #3699
chore(deps): bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @dependabot in #3695
feat(checker): add netdata checker by @ffontaine in #3648
chore: fix broken docstrings issue template by @terriko in #3702
feat(checker): add micropython checker by @ffontaine in #3704
chore: update SBOM for Python 3.8 by @github-actions in #3709
chore: update SBOM for Python 3.9 by @github-actions in #3708
chore: update SBOM for Python 3.11 by @github-actions in #3707
chore: update SBOM for Python 3.10 by @github-actions in #3706
chore: update checkers table by @github-actions in #3703
feat: test handling of ~= in requirements.txt and add it to docs by @ayushthe1 in #3610
ci: improve interrogate/pre-commit config by @terriko in #3714
fix: [Snyk] Security upgrade pillow from 9.5.0 to 10.0.1 by @terriko in #3601
test: re-enable failing tests from #3653 by @terriko in #3720
fix: fail gracefully for npm .package-lock.json files by @terriko in #3654
chore: update SBOM for Python 3.9 by @github-actions in #3732
chore: update SBOM for Python 3.8 by @github-actions in #3731
chore: update SBOM for Python 3.11 by @github-actions in #3730
chore: update SBOM for Python 3.10 by @github-actions in #3729
chore(deps): bump actions/cache from 3.3.2 to 4.0.0 by @dependabot in #3739
feat(checker): add go checker by @ffontaine in #3651
docs: add docstrings to cve-bin-tool/util by @Mahhheshh in #3715
chore(deps): bump github/codeql-action from 2.22.9 to 3.23.0 by @dependabot in #3705
docs: added docstring to swid_parser.py by @Mahhheshh in #3716
feat: Fuzz testing PerlParser by @joydeep049 in #3725
chore: update checkers table by @github-actions in #3740
fix: improve robustness of version compare by @terriko in #3694
chore: update SBOM for Python 3.8 by @github-actions in #3749
chore: update SBOM for Python 3.9 by @github-actions in #3748
chore: update SBOM for Python 3.10 by @github-actions in #3747
chore: update SBOM for Python 3.11 by @github-actions in #3746
chore: set version to 3.3rc2 for pre-release by @terriko in #3750
docs: added docstrings to cve_bin_tool/strings.py by @inosmeet in #3717
chore(deps): bump actions/dependency-review-action from 3.1.5 to 4.0.0 by @dependabot in #3744
chore(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in #3742
feat: Fuzz testing PhpParser by @joydeep049 in #3724
docs: Added docstrings to cve_bin_tool/data_sources/redhat_source.py by @Mayankrai449 in #3719
docs: added interrogate to list of linters in CONTRIBUTING.md by @DEVESH-N2 in #3693
fix: removed nvd api 1.0 code by @mastersans in #3599
chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #3754
chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #3763
chore: update SBOM for Python 3.8 by @github-actions in #3762
chore: update SBOM for Python 3.9 by @github-actions in #3761
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3760
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3759
ci: set default permissions on workflows by @terriko in https://github.com/intel/cve-bin-tool/pull/3765
ci: Add python 3.12 with fix from @milinddethe15 by @terriko in https://github.com/intel/cve-bin-tool/pull/3766
feat: Generate SBOM for Python 3.12 by @anthonyharrison in https://github.com/intel/cve-bin-tool/pull/3697
fix: update darkhttpd VENDOR_PRODUCT by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3758
fix: update frr VENDOR_PRODUCT by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3757
fix: enhance u-boot checker by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3756
test: added test_get_version_map by @mastersans in https://github.com/intel/cve-bin-tool/pull/3687
feat: Add FOSDEM 2024 presentation by @anthonyharrison in https://github.com/intel/cve-bin-tool/pull/3783
docs: Deployment best practices guide by @terriko in https://github.com/intel/cve-bin-tool/pull/3780
chore(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3767
chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3792
fix: add additional CPE ID to yasm by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3789
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3791
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3790
feat(checker): add libvips checker by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3788
fix: add additional CPE ID to c-ares by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3787
fix: add additional CPE ID to json-c by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3786
feat: Using tomllib instead of toml in python 3.11 and later deployments by @DEVESH-N2 in https://github.com/intel/cve-bin-tool/pull/3785
chore(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3776
chore(deps): bump actions/upload-artifact from 3.1.3 to 4.3.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3794
chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3782
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/3793
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3797
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3796
feat: Fuzz Testing PythonParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3737
feat: Fuzz Testing RubyParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3736
feat: sbom auto detection for command line by @mastersans in https://github.com/intel/cve-bin-tool/pull/3734
fix: fixed quiet_mode test to ignore unimportant logs by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3795
feat: Fuzz Testing SwiftParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3728
fix: use tarfile extract filters to open tarfiles more safely by @terriko in https://github.com/intel/cve-bin-tool/pull/3769
chore: update pre-commit config by @github-actions in https://github.com/intel/cve-bin-tool/pull/3772
fix: initialize data_source when NVD is disabled by @Mayankrai449 in https://github.com/intel/cve-bin-tool/pull/3814
chore(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3809
chore(deps-dev): bump pre-commit from 3.6.0 to 3.6.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3808
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3807
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3806
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3805
fix: update exim pattern by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3804
fix: handle is_symlink PermissionError by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3819
fix: fix network connection related fails of quiet_mode by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3802
chore: add blank 3.12 sboms by @terriko in https://github.com/intel/cve-bin-tool/pull/3811
fix: resolve errors of fuzzing job fuzz_cyclonedx by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3822
fix: make config generator robust by @mastersans in https://github.com/intel/cve-bin-tool/pull/3803
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3828
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3827
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3826
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3825
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3824
docs: Add tip about python -m pytest #3816 by @M0be in https://github.com/intel/cve-bin-tool/pull/3831
chore(deps): bump codecov/codecov-action from 4.0.1 to 4.0.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3867
docs: links/slides for old presentations by @terriko in https://github.com/intel/cve-bin-tool/pull/3810
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3865
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3864
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3863
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3861
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3862
chore(deps): bump github/codeql-action from 3.24.0 to 3.24.5 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3866
docs: Added correct pip install command for virtual environments by @HamzaMateen in https://github.com/intel/cve-bin-tool/pull/3852
docs: Add docstrings to cve_bin_tool/data_sources/rsd_source.py by @derekmarion in https://github.com/intel/cve-bin-tool/pull/3781
docs: add docstrings for fuzzing modules by @Mahhheshh in https://github.com/intel/cve-bin-tool/pull/3741
docs: Added docstrings to cve_bin_tool/input_engine.py by @tahifahimi in https://github.com/intel/cve-bin-tool/pull/3774
fix: set default width for console output by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3855
fix: update sbom generation link by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3847
chore(deps-dev): bump pre-commit from 3.6.1 to 3.6.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3838
chore(deps): bump codecov/codecov-action from 4.0.2 to 4.1.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3872
fix: Updated the OSV data source to ignore the new icons directory by @cinix in https://github.com/intel/cve-bin-tool/pull/3871
fix: resolve errors of fuzzing job fuzz_intermediate_report_merge by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3857
feat(checker): add libuv checker by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3856
ci: fixed issue in .github/workflows/cve_bin_tool_action.yml by @Mayankrai449 in https://github.com/intel/cve-bin-tool/pull/3898
chore(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3890
chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3889
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/3886
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3896
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3895
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3894
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3893
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3892
chore(deps): bump conda-incubator/setup-miniconda from 3.0.1 to 3.0.3 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3884
chore(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3881
feat: add extraction enhancements to include binary identification by @jananir640 in https://github.com/intel/cve-bin-tool/pull/3812
test: OSV ecosystems to check for missing and extra ecosytems by @cinix in https://github.com/intel/cve-bin-tool/pull/3882
feat: dart language parser by @mastersans in https://github.com/intel/cve-bin-tool/pull/3860
fix: temp cleanup for fuzzing by @mastersans in https://github.com/intel/cve-bin-tool/pull/3902
chore(deps): bump vapier/coverity-scan-action from 1.7.0 to 1.8.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3901
chore: update pre-commit config by @github-actions in https://github.com/intel/cve-bin-tool/pull/3888
fix: Html report fix by @Mayankrai449 in https://github.com/intel/cve-bin-tool/pull/3906
feat: Retain the response and justification fields in VEX input by @cinix in https://github.com/intel/cve-bin-tool/pull/3880
fix: tempfile cleaning for Java Fuzzer by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3912
docs: add docs to cve_bin_tool/egg_updater.py(fix: #3878) by @abhijeetsourav in https://github.com/intel/cve-bin-tool/pull/3920
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3919
feat: Added fuzzing to DartParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3900
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3918
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3917
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3916
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3915
docs: Added docstrings to csv2cve.py (fixes #3877) by @antoninoLorenzo in https://github.com/intel/cve-bin-tool/pull/3914
docs: Add docstrings to pdfbuilder.py by @octonawish-akcodes in https://github.com/intel/cve-bin-tool/pull/3843
fix: tempfile cleanup for Go fuzzer by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3913
feat(checker): add snapd checker by @mastersans in https://github.com/intel/cve-bin-tool/pull/3820
feat(checker): add checker for Moby by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3753
fix: update snapd checker by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3927
fix: frozen when extracting .zip protected by password by @mastersans in https://github.com/intel/cve-bin-tool/pull/3837
feat(checker): add checker for Docker (#2059) by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3701
feat(checker): add System.net.http checker (#35) by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3700
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/3924
feat: added purl generation for go parser by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3833
feat: handle npm package-lock.json files correctly by @imsahil007 in https://github.com/intel/cve-bin-tool/pull/3745
chore(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3926
chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3925
fix: improve bandit config #3830 by @harshittiwariii in https://github.com/intel/cve-bin-tool/pull/3885
chore: add interrogate checks for fuzz by @Error838 in https://github.com/intel/cve-bin-tool/pull/3935
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/3930
fix: config gen format by @Error838 in https://github.com/intel/cve-bin-tool/pull/3936
fix: fix typo of 'UNKNOWN' in console.py by @michaelwknott in https://github.com/intel/cve-bin-tool/pull/3940
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3950
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3949
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3948
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3947
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3946
refactor: convert ConfigGenerator class to config_generator function by @michaelwknott in https://github.com/intel/cve-bin-tool/pull/3955
chore(deps): bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3954
fix: Use colon as delimiter in CBT URN for better compatibility by @cinix in https://github.com/intel/cve-bin-tool/pull/3928
refactor: requests to happen in utils.py by @mastersans in https://github.com/intel/cve-bin-tool/pull/3953
docs: Add docstrings to validators.py by @mvp-2003 in https://github.com/intel/cve-bin-tool/pull/3952
chore(deps-dev): bump black from 24.2.0 to 24.3.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3951
fix: handle PermissionError on filetype.guess by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3958
feat: tempfile cleanup for RParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3944
fix: handle None for make_http_requests by @ffontaine in https://github.com/intel/cve-bin-tool/pull/3959
chore(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3956
fix: add tarfile test by @terriko in https://github.com/intel/cve-bin-tool/pull/3962
feat: added PURL generation for swift parser by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3957
feat: added PURL generation to ruby parser by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3939
fix: Added docstrings to validator.py by @devesh-2002 in https://github.com/intel/cve-bin-tool/pull/3891
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3977
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3976
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3975
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3974
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/3973
chore: update pre-commit config by @github-actions in https://github.com/intel/cve-bin-tool/pull/3993
feat: Update HTML report to use human-readable forms of Remarks type by @cinix in https://github.com/intel/cve-bin-tool/pull/3991
Trim the test/language_data/.package-lock.json down by @alevchenko12 in https://github.com/intel/cve-bin-tool/pull/3983
feat: added PURL generation to rust parser by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3859
feat: tempclean Ruby by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3943
feat: tempfile cleanup for python-requirements parser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3966
feat: added tempclean for Php Fuzzer by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3967
feat: added tempclean for perl-fuzzer by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3971
feat: added tempclean to python-fuzzer by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3972
feat: added PURL generation to JavaParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3986
feat: added PURL generation to PerlParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3992
chore: add triage for false positives by @mastersans in https://github.com/intel/cve-bin-tool/pull/3969
chore(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.3 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3846
feat: heuristic splitting on '-' for lookups by @mastersans in https://github.com/intel/cve-bin-tool/pull/3839
chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in https://github.com/intel/cve-bin-tool/pull/3978
feat: add fix to prevent unknown vendor overwrite by @jananir640 in https://github.com/intel/cve-bin-tool/pull/3963
feat: PURL generation for PythonParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3945
feat: added PURL generation to JavascriptParser by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3987
test: added 0-cve display test by @joydeep049 in https://github.com/intel/cve-bin-tool/pull/3982
fix: windows needs python3.12 for tarfile support by @terriko in https://github.com/intel/cve-bin-tool/pull/4001
chore: update SBOM for Python 3.8 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4009
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4008
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4007
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4006
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4005
feat: update regex in python checker to match python3.11-3.11.x pattern by @jananir640 in https://github.com/intel/cve-bin-tool/pull/3994
feat: Add ability to read CPE identifiers from CycloneDX triage data by @cinix in https://github.com/intel/cve-bin-tool/pull/3990
fix: cpe validation and standardize tests data by @mastersans in https://github.com/intel/cve-bin-tool/pull/4014
chore: bump version to 3.3rc3 for pre-release by @terriko in https://github.com/intel/cve-bin-tool/pull/4011
refactor: database schema code by @inosmeet in https://github.com/intel/cve-bin-tool/pull/3968
chore: [Snyk] Security upgrade aiohttp from 3.8.6 to 3.9.2 by @terriko in https://github.com/intel/cve-bin-tool/pull/4020
chore: [Snyk] Security upgrade pillow from 9.5.0 to 10.3.0 by @terriko in https://github.com/intel/cve-bin-tool/pull/4018
chore: bump version to 3.3 for upcoming release by @terriko in https://github.com/intel/cve-bin-tool/pull/4019

Full Changelog: v3.2.1...v3.3

New Contributors

@bcieszko made their first contribution in #2961
@step-security-bot made their first contribution in #3031
@offsake made their first contribution in #3029
@gvozzolo made their first contribution in #2913
@yr1404 made their first contribution in #3129
@chillerno1 made their first contribution in #3134
@gluesmith2021 made their first contribution in #3245
@0o001 made their first contribution in #3274
@kumaryogesh17 made their first contribution in #3285
@r0ckYr made their first contribution in #3350
@Tengas made their first contribution in #2873
@sw-sdiepold made their first contribution in #3353
@Niloth-p made their first contribution in #3381
@Swarno-Coder made their first contribution in #3382
@reginareynolds made their first contribution in #3392
@bkpecho made their first contribution in #3387
@NabhiA made their first contribution in #3388
@raffifu made their first contribution in #3397
@rabroldan made their first contribution in #3429
@mastersans made their first contribution in #3441
@pranshu-raj-211 made their first contribution in #3442
@pbelokon made their first contribution in #3469
@Anurag-Nagpal made their first contribution in #3474
@CrypticRevenger made their first contribution in #3492
@Ferdinand-Ogama made their first contribution in #3445
@weichslgartner made their first contribution in #3490
@Virtual4087 made their first contribution in #3496
@ha36d made their first contribution in #3491
@shivam200446 made their first contribution in #3488
@AryanBakliwal made their first contribution in #3480
@joydeep049 made their first contribution in #3452
@perrinjerome made their first contribution in #3557
@Mayankrai449 made their first contribution in #3640
@akshatgokul made their first contribution in #3671
@Mahhheshh made their first contribution in #3665
@aptitudepi made their first contribution in #3677
@DEVESH-N2 made their first contribution in #3662
@inosmeet made their first contribution in #3717
@M0be made their first contribution in https://github.com/intel/cve-bin-tool/pull/3831
@HamzaMateen made their first contribution in https://github.com/intel/cve-bin-tool/pull/3852
@derekmarion made their first contribution in https://github.com/intel/cve-bin-tool/pull/3781
@cinix made their first contribution in https://github.com/intel/cve-bin-tool/pull/3871
@jananir640 made their first contribution in https://github.com/intel/cve-bin-tool/pull/3812
@abhijeetsourav made their first contribution in https://github.com/intel/cve-bin-tool/pull/3920
@antoninoLorenzo made their first contribution in https://github.com/intel/cve-bin-tool/pull/3914
@octonawish-akcodes made their first contribution in https://github.com/intel/cve-bin-tool/pull/3843
@harshittiwariii made their first contribution in https://github.com/intel/cve-bin-tool/pull/3885
@Error838 made their first contribution in https://github.com/intel/cve-bin-tool/pull/3935
@mvp-2003 made their first contribution in https://github.com/intel/cve-bin-tool/pull/3952
@devesh-2002 made their first contribution in https://github.com/intel/cve-bin-tool/pull/3891
@alevchenko12 made their first contribution in https://github.com/intel/cve-bin-tool/pull/3983

intel/cve-bin-tool v3.3 CVE Binary Tool 3.3 on GitHub

Release highlights

Change Log

New Contributors

intel/cve-bin-tool v3.3
CVE Binary Tool 3.3

on GitHub